[Cryptech-Commits] [sw/stm32] 02/02: Track removal of hal_rpc_pkey_list().

git at cryptech.is git at cryptech.is
Mon Nov 14 23:30:37 UTC 2016


This is an automated email from the git hooks/post-receive script.

sra at hactrn.net pushed a commit to branch ksng
in repository sw/stm32.

commit 08c377d92306656f32d36e4efad06d65c4f0b6ba
Author: Rob Austein <sra at hactrn.net>
AuthorDate: Mon Nov 14 18:07:41 2016 -0500

    Track removal of hal_rpc_pkey_list().
---
 projects/cli-test/mgmt-keystore.c | 115 ++++++++++++++++++++++-----------
 projects/hsm/mgmt-keystore.c      | 130 ++++++++++++++++++++++----------------
 2 files changed, 155 insertions(+), 90 deletions(-)

diff --git a/projects/cli-test/mgmt-keystore.c b/projects/cli-test/mgmt-keystore.c
index 1fb720b..3afd238 100644
--- a/projects/cli-test/mgmt-keystore.c
+++ b/projects/cli-test/mgmt-keystore.c
@@ -231,53 +231,96 @@ static int cmd_keystore_show_data(struct cli_def *cli, const char *command, char
     return CLI_OK;
 }
 
-static int cmd_keystore_show_keys(struct cli_def *cli, const char *command, char *argv[], int argc)
+static int show_keys(struct cli_def *cli, const char *title, const hal_key_flags_t qflags)
 {
-    hal_pkey_info_t keys[64];
-    unsigned n;
+    const hal_client_handle_t  client  = { -1 };
+    const hal_session_handle_t session = { HAL_HANDLE_NONE };
+    char key_name[HAL_UUID_TEXT_SIZE];
+    hal_uuid_t previous_uuid = {{0}};
+    hal_pkey_handle_t pkey;
+    hal_curve_name_t curve;
+    hal_key_flags_t flags;
+    hal_key_type_t type;
     hal_error_t status;
-    hal_client_handle_t client = {HAL_HANDLE_NONE};
-    hal_session_handle_t session = {HAL_HANDLE_NONE};
-
-    if ((status = hal_rpc_pkey_list(client, session, keys, &n, sizeof(keys)/sizeof(*keys),
-				    HAL_KEY_FLAG_TOKEN)) != LIBHAL_OK) {
-	cli_print(cli, "Could not fetch key info: %s", hal_error_string(status));
-	return CLI_ERROR;
-    }
+    hal_uuid_t uuids[50];
+    unsigned n;
+    int done = 0;
 
-    for (int i = 0; i < n; i++) {
-	char name[HAL_UUID_TEXT_SIZE];
-	const char *type, *curve;
+    cli_print(cli, title);
 
-	switch (keys[i].type) {
-	case HAL_KEY_TYPE_RSA_PRIVATE:	type = "RSA private";	break;
-	case HAL_KEY_TYPE_RSA_PUBLIC:	type = "RSA public";	break;
-	case HAL_KEY_TYPE_EC_PRIVATE:	type = "EC private";	break;
-	case HAL_KEY_TYPE_EC_PUBLIC:	type = "EC public";	break;
-	default:			type = "unknown";	break;
-	}
+    while (!done) {
 
-	switch (keys[i].curve) {
-	case HAL_CURVE_NONE:		curve = "none";		break;
-	case HAL_CURVE_P256:		curve = "P-256";	break;
-	case HAL_CURVE_P384:		curve = "P-384";	break;
-	case HAL_CURVE_P521:		curve = "P-521";	break;
-	default:			curve = "unknown";	break;
+	if ((status = hal_rpc_pkey_match(client, session, HAL_KEY_TYPE_NONE, HAL_CURVE_NONE,
+					 qflags, NULL, 0, uuids, &n, sizeof(uuids)/sizeof(*uuids),
+					 &previous_uuid)) != LIBHAL_OK) {
+	    cli_print(cli, "Could not fetch UUID list: %s", hal_error_string(status));
+	    return 0;
 	}
 
-	if ((status = hal_uuid_format(&keys[i].name, name, sizeof(name))) != LIBHAL_OK) {
-	    cli_print(cli, "Could not convert key name: %s", hal_error_string(status));
-	    return CLI_ERROR;
+	done = n < sizeof(uuids)/sizeof(*uuids);
+
+	if (!done)
+	    previous_uuid = uuids[sizeof(uuids)/sizeof(*uuids) - 1];
+
+	for (int i = 0; i < n; i++) {
+
+	    if ((status = hal_uuid_format(&uuids[i], key_name, sizeof(key_name))) != LIBHAL_OK) {
+		cli_print(cli, "Could not convert key name: %s",
+			  hal_error_string(status));
+		return 0;
+	    }
+
+	    if ((status = hal_rpc_pkey_open(client, session, &pkey, &uuids[i], qflags)) != LIBHAL_OK) {
+	        cli_print(cli, "Could not open key %s: %s",
+			  key_name, hal_error_string(status));
+		return 0;
+	    }
+
+	    if ((status = hal_rpc_pkey_get_key_type(pkey, &type))   != LIBHAL_OK ||
+		(status = hal_rpc_pkey_get_key_curve(pkey, &curve)) != LIBHAL_OK ||
+		(status = hal_rpc_pkey_get_key_flags(pkey, &flags)) != LIBHAL_OK)
+	        cli_print(cli, "Could not fetch metadata for key %s: %s",
+			  key_name, hal_error_string(status));
+
+	    if (status == LIBHAL_OK)
+	        status = hal_rpc_pkey_close(pkey);
+	    else
+	        (void) hal_rpc_pkey_close(pkey);
+
+	    if (status != LIBHAL_OK)
+	        return 0;
+
+	    const char *type_name = "unknown";
+	    switch (type) {
+	    case HAL_KEY_TYPE_NONE:		type_name = "none";		break;
+	    case HAL_KEY_TYPE_RSA_PRIVATE:	type_name = "RSA private";	break;
+	    case HAL_KEY_TYPE_RSA_PUBLIC:	type_name = "RSA public";	break;
+	    case HAL_KEY_TYPE_EC_PRIVATE:	type_name = "EC private";	break;
+	    case HAL_KEY_TYPE_EC_PUBLIC:	type_name = "EC public";	break;
+	    }
+
+	    const char *curve_name = "unknown";
+	    switch (curve) {
+	    case HAL_CURVE_NONE:		curve_name = "none";		break;
+	    case HAL_CURVE_P256:		curve_name = "P-256";		break;
+	    case HAL_CURVE_P384:		curve_name = "P-384";		break;
+	    case HAL_CURVE_P521:		curve_name = "P-521";		break;
+	    }
+
+	    cli_print(cli, "Key %2i, name %s, type %s, curve %s, flags 0x%lx",
+		      i, key_name, type_name, curve_name, (unsigned long) flags);
 	}
-
-	cli_print(cli, "Key %2i, name %s, type %s, curve %s, flags 0x%lx",
-		  i, name, type, curve, (unsigned long) keys[i].flags);
-
     }
 
-    cli_print(cli, "\n");
+    return 1;
+}
 
-    return CLI_OK;
+static int cmd_keystore_show_keys(struct cli_def *cli, const char *command, char *argv[], int argc)
+{
+    int ok = 1;
+    ok &= show_keys(cli, "Memory keystore:", 0);
+    ok &= show_keys(cli, "Token keystore:",  HAL_KEY_FLAG_TOKEN);
+    return ok ? CLI_OK : CLI_ERROR;
 }
 
 static int cmd_keystore_erase(struct cli_def *cli, const char *command, char *argv[], int argc)
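Review bot: `cli_print(cli, title);` at the top of the new `show_keys()` passes `title` as the format string rather than as an argument. Both callers visible in this hunk pass literals with no `%` in them, so nothing misbehaves today, but the helper accepts any `const char *`, and a later title containing a conversion specifier would make `cli_print` read arguments that were never passed. `cli_print(cli, "%s", title);` keeps the output identical and removes the hazard. The copy of `show_keys()` added to projects/hsm/mgmt-keystore.c has the same line.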
diff --git a/projects/hsm/mgmt-keystore.c b/projects/hsm/mgmt-keystore.c
index 9c1d427..a15243f 100644
--- a/projects/hsm/mgmt-keystore.c
+++ b/projects/hsm/mgmt-keystore.c
@@ -171,74 +171,96 @@ static int cmd_keystore_delete_key(struct cli_def *cli, const char *command, cha
     return CLI_OK;
 }
 
-static int show_keys(struct cli_def *cli, const hal_pkey_info_t * const keys, const unsigned n)
+static int show_keys(struct cli_def *cli, const char *title, const hal_key_flags_t qflags)
 {
-    char name[HAL_UUID_TEXT_SIZE];
-    const char *type, *curve;
+    const hal_client_handle_t  client  = { -1 };
+    const hal_session_handle_t session = { HAL_HANDLE_NONE };
+    char key_name[HAL_UUID_TEXT_SIZE];
+    hal_uuid_t previous_uuid = {{0}};
+    hal_pkey_handle_t pkey;
+    hal_curve_name_t curve;
+    hal_key_flags_t flags;
+    hal_key_type_t type;
     hal_error_t status;
+    hal_uuid_t uuids[50];
+    unsigned n;
+    int done = 0;
 
-    for (int i = 0; i < n; i++) {
+    cli_print(cli, title);
 
-	switch (keys[i].type) {
-	case HAL_KEY_TYPE_RSA_PRIVATE:	type = "RSA private";	break;
-	case HAL_KEY_TYPE_RSA_PUBLIC:	type = "RSA public";	break;
-	case HAL_KEY_TYPE_EC_PRIVATE:	type = "EC private";	break;
-	case HAL_KEY_TYPE_EC_PUBLIC:	type = "EC public";	break;
-	default:			type = "unknown";	break;
-	}
+    while (!done) {
 
-	switch (keys[i].curve) {
-	case HAL_CURVE_NONE:		curve = "none";		break;
-	case HAL_CURVE_P256:		curve = "P-256";	break;
-	case HAL_CURVE_P384:		curve = "P-384";	break;
-	case HAL_CURVE_P521:		curve = "P-521";	break;
-	default:			curve = "unknown";	break;
+	if ((status = hal_rpc_pkey_match(client, session, HAL_KEY_TYPE_NONE, HAL_CURVE_NONE,
+					 qflags, NULL, 0, uuids, &n, sizeof(uuids)/sizeof(*uuids),
+					 &previous_uuid)) != LIBHAL_OK) {
+	    cli_print(cli, "Could not fetch UUID list: %s", hal_error_string(status));
+	    return 0;
 	}
 
-	if ((status = hal_uuid_format(&keys[i].name, name, sizeof(name))) != LIBHAL_OK) {
-	    cli_print(cli, "Could not convert key name: %s", hal_error_string(status));
-	    return CLI_ERROR;
+	done = n < sizeof(uuids)/sizeof(*uuids);
+
+	if (!done)
+	    previous_uuid = uuids[sizeof(uuids)/sizeof(*uuids) - 1];
+
+	for (int i = 0; i < n; i++) {
+
+	    if ((status = hal_uuid_format(&uuids[i], key_name, sizeof(key_name))) != LIBHAL_OK) {
+		cli_print(cli, "Could not convert key name: %s",
+			  hal_error_string(status));
+		return 0;
+	    }
+
+	    if ((status = hal_rpc_pkey_open(client, session, &pkey, &uuids[i], qflags)) != LIBHAL_OK) {
+	        cli_print(cli, "Could not open key %s: %s",
+			  key_name, hal_error_string(status));
+		return 0;
+	    }
+
+	    if ((status = hal_rpc_pkey_get_key_type(pkey, &type))   != LIBHAL_OK ||
+		(status = hal_rpc_pkey_get_key_curve(pkey, &curve)) != LIBHAL_OK ||
+		(status = hal_rpc_pkey_get_key_flags(pkey, &flags)) != LIBHAL_OK)
+	        cli_print(cli, "Could not fetch metadata for key %s: %s",
+			  key_name, hal_error_string(status));
+
+	    if (status == LIBHAL_OK)
+	        status = hal_rpc_pkey_close(pkey);
+	    else
+	        (void) hal_rpc_pkey_close(pkey);
+
+	    if (status != LIBHAL_OK)
+	        return 0;
+
+	    const char *type_name = "unknown";
+	    switch (type) {
+	    case HAL_KEY_TYPE_NONE:		type_name = "none";		break;
+	    case HAL_KEY_TYPE_RSA_PRIVATE:	type_name = "RSA private";	break;
+	    case HAL_KEY_TYPE_RSA_PUBLIC:	type_name = "RSA public";	break;
+	    case HAL_KEY_TYPE_EC_PRIVATE:	type_name = "EC private";	break;
+	    case HAL_KEY_TYPE_EC_PUBLIC:	type_name = "EC public";	break;
+	    }
+
+	    const char *curve_name = "unknown";
+	    switch (curve) {
+	    case HAL_CURVE_NONE:		curve_name = "none";		break;
+	    case HAL_CURVE_P256:		curve_name = "P-256";		break;
+	    case HAL_CURVE_P384:		curve_name = "P-384";		break;
+	    case HAL_CURVE_P521:		curve_name = "P-521";		break;
+	    }
+
+	    cli_print(cli, "Key %2i, name %s, type %s, curve %s, flags 0x%lx",
+		      i, key_name, type_name, curve_name, (unsigned long) flags);
 	}
-
-	cli_print(cli, "Key %2i, name %s, type %s, curve %s, flags 0x%lx",
-		  i, name, type, curve, (unsigned long) keys[i].flags);
-
     }
 
-    return CLI_OK;
+    return 1;
 }
 
 static int cmd_keystore_show_keys(struct cli_def *cli, const char *command, char *argv[], int argc)
 {
-    hal_pkey_info_t keys[128];
-    unsigned n;
-    hal_error_t status;
-    hal_client_handle_t  client  = { -1 };
-    hal_session_handle_t session = { HAL_HANDLE_NONE };
-
-    if ((status = hal_rpc_pkey_list(client, session, keys, &n, sizeof(keys)/sizeof(*keys),
-				    0)) != LIBHAL_OK) {
-	cli_print(cli, "Could not fetch memory key info: %s", hal_error_string(status));
-	return CLI_ERROR;
-    }
-
-    cli_print(cli, "Memory keystore:");
-
-    if (show_keys(cli, keys, n) != CLI_OK)
-	return CLI_ERROR;
-
-    if ((status = hal_rpc_pkey_list(client, session, keys, &n, sizeof(keys)/sizeof(*keys),
-				    HAL_KEY_FLAG_TOKEN)) != LIBHAL_OK) {
-	cli_print(cli, "Could not fetch token key info: %s", hal_error_string(status));
-	return CLI_ERROR;
-    }
-
-    cli_print(cli, "Token keystore:");
-
-    if (show_keys(cli, keys, n) != CLI_OK)
-	return CLI_ERROR;
-
-    return CLI_OK;
+    int ok = 1;
+    ok &= show_keys(cli, "Memory keystore:", 0);
+    ok &= show_keys(cli, "Token keystore:",  HAL_KEY_FLAG_TOKEN);
+    return ok ? CLI_OK : CLI_ERROR;
 }
 
 static int cmd_keystore_erase(struct cli_def *cli, const char *command, char *argv[], int argc)
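Review bot: The index printed by `Key %2i` in `show_keys()` is the inner loop counter `i`, which restarts at 0 for every batch returned by `hal_rpc_pkey_match()`, so a keystore holding more than `sizeof(uuids)/sizeof(*uuids)` (50) keys prints repeated key numbers. A running counter declared next to `done`, for example `unsigned count = 0;`, printed as `count++` with `%2u`, would keep the numbering continuous across batches. Separately, when `hal_rpc_pkey_close()` fails after the metadata calls succeeded, the function returns 0 without printing anything, unlike every other failure path here. Adding `cli_print(cli, "Could not close key %s: %s", key_name, hal_error_string(status));` before that return would make the failure visible. Both points apply equally to the identical function in projects/cli-test/mgmt-keystore.c.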


